import functools from flask import ( Blueprint, flash, g, redirect, render_template, request, session, url_for ) from hashlib import md5 from create_db import User, get_session, get_engine from share import get_all_shared bp = Blueprint('auth', __name__, url_prefix='/auth') @bp.route('/register', methods=('GET', 'POST')) def register(): Session = get_session() with Session() as dbsession: if request.method == 'POST': username = request.form['username'] password = request.form['password'] mail = request.form['email'] error = None #@TODO check if this really is an email. if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif not mail: error = 'Please enter your email adress.' elif dbsession.query(User).filter(User.username == username).first() != None: error = "Username already exists, please choose another one." elif dbsession.query(User).filter(User.email == mail).first() != None: error = "This email adress is already in use, please choose another one." if error is None: try: user = User(username=username, password=md5(password.encode("utf-8")).hexdigest(), email=mail, settings = "") dbsession.add(user) dbsession.commit() #Preden zapremo naj user dobi vse shared karte od prej. new_user = dbsession.query(User).filter(User.username == username).first() new_user_id = new_user.id get_all_shared(new_user_id) dbsession.close() except Exception as e: error = f"napaka pri registraciji {username} je {e}" else: return redirect(url_for("auth.login")) flash(error) get_engine().dispose() return render_template('register.html') @bp.route('/login', methods=('GET', 'POST')) def login(): if request.method == 'POST': Session = get_session() with Session() as dbsession: username = request.form['username'] password = request.form['password'] error = None user = dbsession.query(User).filter(User.username == username).first() if user is None: error = 'Incorrect username.' elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash error = 'Incorrect password.' if error is None: session.clear() session['user_id'] = user.id session['username'] = user.username return redirect(url_for("menu.index")) #TODO ne dela flash(error) get_engine().dispose() return render_template('login.html') @bp.before_app_request def load_logged_in_user(): user_id = session.get('user_id') if user_id is None: g.user = None else: g.user = None @bp.route('/logout') def logout(): session.clear() return redirect(url_for('index')) def login_required(view): @functools.wraps(view) def wrapped_view(**kwargs): if g.user is None: return redirect(url_for('auth.login')) return view(**kwargs) return wrapped_view